Baidu: Registrar 'incredibly' changed our e-mail for hacker

Baidu: Registrar 'incredibly' changed our e-mail for hacker
Baidu: Registrar 'incredibly' changed our e-mail for hacker 

By Owen Fletcher and Robert McMillan
IDG News Service
February 24, 2010

A hacker who took down top Chinese search engine last month 
broke into its account with a U.S. domain name registrar by pretending 
to be from Baidu in an online chat with the registrar's tech help, 
according to a lawsuit filed by Baidu.

Support staff at the registrar,, then refused to aid Baidu 
when first contacted about redirecting users to a Web page 
that declared, "This site has been hacked by the Iranian Cyber Army," 
the Baidu complaint alleges. The complaint was filed last month in U.S. 
District Court for the Southern District of New York, but the court only 
recently released an unredacted copy of the complaint.

The complaint says Baidu's service was disrupted for five hours by the 
hack and seeks millions of dollars allegedly lost in revenue and other 

The attack began on the afternoon of Jan. 11 when the hacker contacted tech help via online chat and claimed to be from Baidu, the 
complaint alleges. The attacker asked a support representative to change 
Baidu's e-mail address on file. The representative then sent a 
confirmation code to Baidu's e-mail account even though the hacker 
answered a security question incorrectly, the complaint alleges.


Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 

Site design & layout copyright © 1986-2015 CodeGods